Planters Telephone Cooperative Targeted by Fog Ransomware Group

Incident Date: Dec 11, 2024

Attack Overview

VICTIM

Planters Telephone Cooperative

INDUSTRY

Telecommunications

LOCATION

USA

ATTACKER

Fog

FIRST REPORTED

December 11, 2024

Request Removal

Ransomware Attack on Planters Telephone Cooperative by Fog Group

Planters Telephone Cooperative, a telecommunications provider based in Newington, Georgia, has fallen victim to a ransomware attack orchestrated by the notorious Fog ransomware group. This incident highlights the vulnerabilities faced by rural telecommunications companies in the face of sophisticated cyber threats.

About Planters Telephone Cooperative

Established in 1950, Planters Telephone Cooperative serves rural communities across Screven and Effingham counties in Georgia. The cooperative is known for its commitment to delivering high-quality telecommunications services, including fiber-optic internet and traditional telephone services. With approximately 6,697 access lines and annual revenues of around $8 million, Planters plays a crucial role in bridging the digital divide in rural areas. Their focus on customer service and affordability makes them a standout in the industry.

Attack Overview

The Fog ransomware group claims to have infiltrated Planters Telephone Cooperative's systems, accessing 1 GB of sensitive data. This attack underscores the growing threat posed by ransomware groups targeting telecommunications providers. The cooperative's reliance on advanced fiber-optic technology, while beneficial for service delivery, may also present vulnerabilities that cybercriminals can exploit.

Fog Ransomware Group

Fog ransomware, a variant of the STOP/DJVU family, has gained notoriety for its sophisticated attack methods and double extortion tactics. The group typically gains initial access through compromised VPN credentials or weak RDP configurations. Once inside, they use tools like Cobalt Strike to move laterally and encrypt files, appending extensions such as .FOG. The group's strategy of threatening to leak sensitive data on the dark web adds pressure on victims to comply with ransom demands.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.